{"vuid":"VU#921193","idnumber":"921193","name":"Apple QuickTime fails to properly handle corrupt media files","keywords":["Apple","QuickTime","buffer overflow","arbitrary code execution","media file","stsd atom","mov","QuickTimeUpdate704"],"overview":"Apple QuickTime contains a heap overflow vulnerability in the handling of media files that may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.","clean_desc":"Apple's QuickTime Player is multimedia software that allows users to view local and remote audio, video, and image content. Quicktime contains a heap overflow vulnerability in code that handles the stsd atom of a media file. This vulnerability may be triggered by using the QuickTime Player or an application that uses the QuickTime plug-in, such as a web browser. Note that this issue affects QuickTime installations on both Apple Mac and Windows operating systems.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service if the user is persuaded to view a specially crafted media file.","resolution":"Install an update\nApple has addressed this issue with Quicktime 7.0.4, as specified in Apple Support Document 303101.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by Apple Product Security, who in turn credit Karl Lynn of eEye Digital Security.","author":"This document was written by Will Dormann.","public":["http://docs.info.apple.com/article.html?artnum=303101","http://www.eeye.com/html/research/advisories/AD20060111a.html","http://secunia.com/advisories/18370/"],"cveids":["CVE-2005-4092"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-01-11T15:25:43Z","publicdate":"2006-01-10T00:00:00Z","datefirstpublished":"2006-01-11T17:02:06Z","dateupdated":"2006-01-12T21:45:56Z","revision":16,"vrda_d1_directreport":"0","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"20","cam_impact":"15","cam_easeofexploitation":"13","cam_attackeraccessrequired":"20","cam_scorecurrent":"43.875","cam_scorecurrentwidelyknown":"51.1875","cam_scorecurrentwidelyknownexploited":"80.4375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":43.875,"vulnote":null}